Risk DNA: An Evolutionary Approach to Identifying Emerging and Adapting Enterprise Risk

Permission is granted to make brief excerpts for a published review. Permission is also granted to make limited numbers of copies of items in this monograph for personal, internal, classroom or other instructional use, on condition that the foregoing copyright notice is used so as to give reasonable notice of the Society's copyright. This consent for free limited copying without prior consent of the Society does not extend to making copies for general distribution, for advertising or promotional purposes, for inclusion in new collective works or for resale. Abstract Contemporary enterprise risk management (ERM) has moved from an event-based view of risk to a hierarchical, systems-based approach. Risk systems that involve human interaction are classified and behave as complex adaptive systems. One of the key signatures of complex adaptive systems is that they evolve, and therefore a detailed understanding of the evolution of an enterprise's risk system should reveal the nature, future likely emergence and adaptation of risks in that enterprise. In order to operationalize such an approach, a methodology is proposed in this paper that draws on phylogenetic approaches that have been successfully developed for biological evolution. The technique and process provide an insight into the lineage, pace and impact of external conditions on the evolution of risks. They also provide a unique and rational classification of risk in an enterprise that can be used to optimize risk management resources. An example of a fictitious insurance company is used to illustrate the approach.